For the purposes of the Data Protection Legislation, the Data Controller is E-voice Speech Recognition Limited, which is registered with the ICO with registration number A8323502). Information we collect, hold and how we use it
We may collect and process the following but are not limited to:
- Personal information - name, gender, date of birth;
- Contact details – business or personal address, email, phone number, identification number;
- Financial information – purchase order details, bank details, credit card number and payment details
- IT information – IP addresses, login information
It is likely that we will need to collect Sensitive Personal Information about you due to the nature of our business relationship, the services or products we supply to you or an end user. Where this is the case we will treat your data or the end users data in the strictest confidence at all times. Where we collect, request or use your Sensitive Personal Information this will be as part of a contract with you and for legitimate purposes.
Sensitive Personal Information is defined as your racial or ethnic origin, religious, political or philosophical beliefs, genetic data, and biometric data for the purposes of unique identification, trade union membership or information about your health/sex life and personal information relating to criminal convictions or offences. How do we use your personal information
The main purposes for which we use your personal information are:
Purposes for processing personal information
- to provide you with information about our products and services;
- to carry out our obligations arising from any contracts between us;
- to update you on our latest products and services and any relevant news we think you might be interested in;
- to ask you to partake in our customer surveys, to improve our customer service or make other services available to you;
- to provide you with relevant marketing communications;
- to help us develop and market new and other products and services where you have consented to be contacted for such purposes;
- to answer your technical and support queries;
- to third parties in order that we comply with all legal and regulatory requirements; and
- where you have given us permission, to contact you from time to time to keep you up to date with limited offers and other promotions.
- where you have given your consent to the processing of your personal data;
- to enable us to perform our obligations under any contract with you;
- for legitimate interests provided these are not overridden by your interests and fundamental rights and freedoms e.g., to respond to your enquiries;
- where we must comply with a legal obligation to disclose your personal information to a government and/or regulatory bodies and other third parties where required to do so by applicable law, e.g., to comply with a court order, for taxation purposes etc.;
- In the event of a merger, acquisition, or any form of sale of some or all of our assets to a third party, we may also disclose your personal information to the third parties concerned or their professional advisors. In the event of such a transaction, the personal information held by e-voice will be among the assets transferred to the buyer.
The criteria we use to determine data retention periods include the following:
- In case of queries - we may retain your personal data for a reasonable period after you have enquired about our products and services, in case of a follow up query from you.
- In case of claims - we may retain your personal data for the period in which you might legally bring claims against us (this means we will retain it for at least 7 years) if and to the extent this is relevant.
- In accordance with legal and regulatory requirements - we will consider whether we need to retain your personal data after the period of retention in the case of queries or claims (above) because of a legal or regulatory requirement. Some or all of these criteria may be relevant to retention of your personal data collected from you in connection with our products and services.
- Permitted under applicable law - we will continue to retain personal data where necessary to provide our products and services to you and where the retention of such personal data is necessary for the purposes of pursuing our legitimate interests or where it is necessary for public interest purposes.
Please note that, although reasonable efforts will be taken, it may not always be possible to completely remove or delete all of your personal information from our databases because of back-ups and other technical reasons. Where this is the case, we will take steps to ensure that your personal data is suppressed in order to render it unusable.Your data privacy rights
You may exercise the rights available to you under data protection laws as follows:
1. The right to withdraw your consent
to the processing of your personal data. However, we may continue to process your personal information if there is an alternative legal basis for the processing;
2. The right to request access
to or obtain a copy of the personal data we hold about you. Any request will be processed within 30 days in accordance with the GDPR;
3. The right to rectification
including to require us to correct inaccurate personal data;
4. The right to request restriction of processing
concerning you or to object to processing of your personal data if processing is based on legitimate interests or direct marketing etc.,
5. The right to request the erasure
of your personal data where it is no longer necessary for us to retain it;
6. The right to data portability
7. The right to object to automated decision making
including profiling (if any) that has a legal or significant effect on you as an individual;
8. The right to complain to a data protection authority e.g., the Information Commissioners Office (ICO) if you consider that we have infringed applicable data privacy laws when processing your personal data. Security
We endeavour to use appropriate technical and physical security measures to protect your personal data which is collected, stored or otherwise processed by us, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access. These measures include storing personal data in a secure database which is password protected and using secure cloud storage for database backups. Our service providers are also selected carefully and required to use appropriate protective measures.
As effective as modern security practices are, no physical or electronic security system is entirely secure. The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted over the internet. Any transmission of data is at your own risk. Once we receive your data, we will use appropriate security measures to seek to prevent unauthorised access. We will continue to revise policies and implement additional security features as new technologies become available.
In the event that there is an interception or unauthorised access to your personal data, we will not be liable or responsible for any resulting misuse of your personal information.
We may monitor the use and content of emails, calls and secure messages sent from and received by us so that we can identify and take legal action against unlawful or improper use of our systems e.g., transmitting computer viruses and attempts to prevent our website or other systems from working.